Java plugins

Automatically generate C4 architecture diagrams (Context, Container, Component, Code) from your codebase via bottom-up analysis, producing Mermaid diagrams and documentation for system design, API interfaces, and deployment units.

Automate technical debt reduction, dependency updates, and code refactoring by scanning for vulnerabilities and code smells, generating prioritized remediation plans, and leveraging AI-powered test automation and code review.

Delegate architecture, implementation, optimization, and debugging of complex applications to specialized AI agents expert in Python/Django/FastAPI, TypeScript/React/Next.js/Angular/Vue, Go, Rust, Java/Spring Boot, PHP/Laravel/Symfony, C#/.NET, mobile (Flutter/React Native/Swift/Kotlin), Elixir/Rails, SQL, and DevOps tools.

Run CodeQL and Semgrep to scan multi-language codebases (Python, JavaScript/TS, Go, Java, C#, Ruby, Rust) for security vulnerabilities via taint tracking and pattern matching. Parse, deduplicate, and aggregate SARIF outputs from scans, then integrate findings into CI/CD pipelines using GitHub Actions or bash scripts.

Decompile Android APK, XAPK, JAR, and AAR files using jadx or Fernflower, then extract HTTP API endpoints and trace call flows from UI to network layer for security analysis and API documentation.

Implement Trail of Bits handbook security testing workflows: fuzz Rust, Python, C/C++, Ruby code with AFL++, libFuzzer, cargo-fuzz, Atheris; instrument AddressSanitizer; run static analysis via Semgrep, CodeQL; generate coverage reports, dictionaries, and bypass obstacles for vulnerability detection.

Automatically generate production-ready unit tests from source code files or snippets in JavaScript/TypeScript (using Jest, Vitest, or Mocha), Python (pytest), Java (JUnit 5), and Go. Auto-detects frameworks, covers happy paths, edge cases, boundaries, errors, and provides mocks for robust testing.

Audit Armeria-based Java projects for event loop blocking by discovering patterns, scanning operations, tracing calls, and generating fix plans without code changes. Pinpoint latency spike causes for pre-release validation.

Detect memory leaks in running Node.js, Python, and JVM apps by analyzing event listeners, closures, unbounded caches, and retained references. Scan codebases for patterns like unremoved listeners, uncancelled timers, circular references, and DOM holds, generating markdown reports with severity ratings, code locations, snippets, fixes, and prevention strategies.

Design, execute, and analyze load, stress, spike, soak, and endurance tests on APIs, web apps, and databases using k6, Artillery, JMeter, Locust, and autocannon. Identify bottlenecks, review metrics, and verify SLAs to optimize performance.

Automate OWASP Top 10 vulnerability scans and penetration testing on JavaScript, Python, and Java codebases using Semgrep, ESLint-security, Bandit, and dependency audits. Delegate comprehensive security audits to a specialized agent covering injections, XSS, CSRF, authentication flaws, access control, and misconfigurations.

Build complete API authentication and authorization systems supporting JWT, OAuth2, API keys, sessions, MFA, RBAC, token refresh, validation, and brute-force protection. Generates models, middleware, and services for JavaScript/Node.js, Python, and Java backends.

Validate API responses against OpenAPI and JSON schemas to ensure contract compliance, detect schema drift, and verify data integrity. Generate JSON Schema definitions, Ajv validators, Express middleware, tests, docs, and monitoring directly in Node.js, Python, or Java workflows.

Add Redis-backed rate limiting to Express, FastAPI, Python, Node.js, or Java APIs using token bucket, sliding window, or quota algorithms. Enforce per-user or per-IP limits with configurable tiers, monitoring headers, and automatic 429 responses to protect against abuse.

Generate k6, Artillery, wrk, or Gatling scripts for API load, stress, and soak tests to validate performance under configurable loads. Run tests locally to measure response times, throughput, error rates, scalability, and identify bottlenecks.

Scan codebases to detect CPU hotspots, intensive operations, blocking calls, and algorithmic inefficiencies. Generate detailed optimization reports with before/after code examples, performance estimates, and targeted recommendations to boost application speed in bash, Python, and Java projects.

Audit authentication in JavaScript, Python, and Java web apps/APIs against OWASP/NIST standards—covering password hashing, JWT handling, sessions, OAuth flows, MFA, and account controls. Validate project setups by checking credentials, tokens, and config files for errors and compliance status.

Analyze test coverage reports from Jest/nyc, pytest, Go test, and JaCoCo across JavaScript, Python, Go, and Java projects to identify untested code paths, branch gaps, low-coverage files, enforce thresholds, and generate detailed reports with targeted test recommendations.

Audit web app session management for vulnerabilities like fixation, ID generation flaws, expiration issues, cookie misconfigurations, insecure storage, and poor invalidation in Express, Django, Rails, Python, and Java apps. Check current Claude Code session status, including active state and user details.

Scan cryptographic code for timing side-channel vulnerabilities like secret-dependent branches and divisions across Go, Rust, Java, Kotlin, C#, PHP, JS/TS, Python, and Ruby. Run constant-time analysis via skills or commands to get violation reports in JSON, with filters for warnings, architecture, and functions.

Engineer production-ready ADK agents and multi-agent systems in Python, Java, or Go, generating clean code structures, unit tests, safe tools, and deployment automation for Vertex AI.

Generate and implement standardized API error handling with RFC 7807 responses, typed error classes, middleware, logging, monitoring, and recovery strategies for consistent HTTP status codes across Express, FastAPI, Flask, Node.js, Python, Java, and Go backends.

Implement multi-level API caching strategies using Redis for server-side storage, CDNs for edge caching, and HTTP headers for browser control, with TTL settings, tag-based invalidation, cache-aside patterns, and stale-while-revalidate to optimize performance across Node, Python, and Java backends.

Delegate coding tasks to expert AI agents specialized in Python, Go, Rust, Java, JavaScript, PHP, Ruby/Rails, C/C++, SQL, and TypeScript. They proactively write idiomatic code, refactor for performance, implement advanced features like concurrency and generics, add tests with pytest or RSpec, optimize queries/schemas, and handle builds like Cargo.toml or CMake.

Deploy specialized AI agents to synthesize research from academic papers, web sources, and GitHub repos with citations; generate API docs, OpenAPI specs, and SDKs; transcribe, analyze, and optimize podcasts; modernize legacy code across React, Python, Java; build and link knowledge graphs; orchestrate multi-agent pipelines for complex tasks.

Implement structured logging for API requests with automatic correlation IDs, PII redaction, performance metrics, and security audit trails in JavaScript, Python, and Java backends. Use the setup command to configure request/response capture and log shipping in Node.js or Python apps for debugging, compliance, and observability workflows.

Build API monitoring systems with Prometheus metrics, Grafana dashboards, health checks, alerts, synthetic probes, and SLO tracking to ensure performance and uptime for Node.js, Python, and Java REST APIs.

Generate and execute comprehensive test suites for REST and GraphQL APIs directly from OpenAPI specs, automating request generation, schema/response validation, CRUD coverage, auth handling, error/performance checks, idempotency tests, with reporting in Jest, pytest, Supertest, or REST-assured.

Generate production-ready, type-safe client SDKs in TypeScript, JavaScript, Python, Go, and Java from OpenAPI specs, automatically including authentication, retries, pagination, tests, usage docs, and examples for rapid API client development.

Generate production-ready REST APIs from OpenAPI specs or schemas, creating full CRUD endpoints with pagination, filtering, auth, routes, controllers, models, middleware, services, tests, and docs for Express, FastAPI, Spring Boot, and Gin.

Profile Node.js, Python, and Java application performance by analyzing CPU usage, memory allocation, execution hotspots, and bottlenecks. Generate markdown reports with detailed breakdowns, patterns, and actionable optimization recommendations including code fixes.

Run mutation testing on JavaScript, Python, Java, Go, C#, or Ruby codebases to evaluate test suite quality. Introduce code mutants with tools like Stryker, mutmut, PITest, or go-mutesting, check detection rates, identify coverage gaps, and generate reports with survival scores and improvement suggestions.

Run integration test suites for APIs, databases, services, queues, and files using real Dockerized dependencies without mocks. Automates full workflow: environment setup, database seeding, service orchestration, test execution with coverage reporting, and teardown cleanup. Select suites and configure environments via CLI flags.

Perform consumer-driven contract testing with Pact (JavaScript, Python, JVM) and OpenAPI validation for REST, GraphQL, gRPC APIs to detect breaking changes, generate tests, and produce detailed reports integrable into CI/CD pipelines.

Audit database connections, calculate optimal pool sizes, configure app-level pooling parameters, and deploy PgBouncer or ProxySQL for PostgreSQL and MySQL to prevent exhaustion and boost throughput. Implement best practices with code examples for Node.js, Python, and Java.

Exploits Apache Shiro rememberMe deserialization vulnerabilities for security assessments, including key brute-force, gadget chain detection, command execution, and memory shell injection against Shiro-based Java applications.

Integrate Azure services into Java apps using SDK clients and best practices for AI agents, anomaly detection, vision analysis, document processing, real-time voice/chat/SMS, storage/blobs/tables/Cosmos DB, Event Hubs/Grid, Key Vault secrets/keys, authentication, monitoring, and batch compute with sync/async operations.

Accelerate Guidewire InsuranceSuite development by automating Cloud API integrations for PolicyCenter policy lifecycles, ClaimCenter claims processing, BillingCenter ops; CI/CD pipelines with Gradle/Gosu; error diagnosis/fixes; secure deployments; performance/cost tuning; production monitoring/incident response via 24 specialized skills.

Develop secure, performant integrations with Veeva Vault for clinical operations, document management, and CRM using guided skills for REST API calls, VQL queries, VAPIL Java SDK, authentication, error handling, deployments, migrations, rate limiting, observability, and compliance checks.

Enforce cross-language coding standards and automate development workflows—code review, commit message generation, project scaffolding, optimization scans, and documentation—by configuring Claude Code and other AI assistants with contextual rules, skills, and commands for Java, Go, Python, TypeScript, Vue, React, Docker, and Redis.

Delegate specialized AI agents to build secure Solidity smart contracts, DeFi protocols, and full Web3 apps including tests, gas optimization, audits, and frontend integration. Develop production Hyperledger Fabric v2.5/v3 enterprise blockchains with Go/Java/TypeScript chaincode, network architecture, Kubernetes deployments, Raft/SmartBFT consensus, channels, MSPs, and privacy features.

Security-test IoT devices, firmware, and embedded systems by analyzing UEFI/BIOS dumps for rootkits, extracting filesystems from firmware, decompiling Android APKs, scanning networks with nmap and ONVIF probes, capturing and decoding hardware debug interfaces (SWD/JTAG) and logic analyzer traces (UART/SPI/I2C), interacting with UART and telnet consoles, and auditing MQTT/CoAP traffic from PCAPs.

Automate code analysis, test setup, and quality enhancement across JavaScript, TypeScript, Python, Java, Go, Rust, and Ruby by running slash commands that generate unit/integration/E2E/mutation/property/load/visual tests, fix linting/formatting issues, analyze coverage/performance/security, reproduce bugs with failing tests, optimize code, and integrate CI/CD workflows.

Design MongoDB schemas with best patterns and anti-patterns, generate and optimize queries from natural language using schema and indexes, tune client connections across Node.js Python Java Go drivers, implement Atlas full-text vector hybrid search for RAG, provision stream processing pipelines with Kafka S3 Lambda, and configure MCP servers via Docker or Atlas API.

Accelerate Java Spring Boot development by generating CRUD apps, REST APIs, and AI integrations with LangChain4j; write unit/integration tests; integrate AWS services like RDS, DynamoDB, S3, Lambda; refactor code, audit security/dependencies, and produce documentation/architecture reviews via agents, commands, skills, and LSP support.

Design RESTful or GraphQL APIs from domain models and requirements, generate OpenAPI 3.1 specs by scanning codebases in Express, FastAPI, Flask, Go, or Java, and consult an expert for endpoint reviews, schemas, auth, versioning, pagination, and optimizations.

Bootstrap Stripe projects with CLI, implement official best practices for payments via Checkout Sessions or PaymentIntents, Billing subscriptions, Connect Accounts, Treasury, Payment Element, and upgrade APIs/SDKs across Python, Ruby, Node.js, Java, Go, .NET.

Run a phased performance investigation workflow that establishes baselines, maps code paths, profiles hotspots with flame graphs, generates and tests hypotheses via benchmarks, logs evidence, and synthesizes recommendations with decisions for Node/JS, Python, Rust, Go, Java projects.

Generate Markdown API reference docs from source code and routes, extracting endpoints, methods, parameters, schemas, auth, errors, and examples for Express, FastAPI, Django, Java, and Go backends.

Run mutation testing on JavaScript/TypeScript, Python, or Java codebases with Stryker, mutmut, or PITest to quantify test suite effectiveness. Review mutation scores, inspect survived mutants with specific test improvement suggestions, and generate savable reports for better code quality assurance.

Detect memory leaks and profile heap usage in Node.js, Python, Java, Go, and browser apps by capturing snapshots, measuring growth rates with GC, tracing references, identifying consumers, suggesting fixes, and verifying resolutions.

Generate optimized, explained regex patterns from natural language descriptions supporting JavaScript, Python, Go, Java, and PCRE flavors. Test patterns against sample inputs, edge cases, adversarial strings, and non-matches with match reports, group captures, performance metrics, accuracy scores (TP/TN/FP/FN), and targeted improvement suggestions.

Scan direct and transitive dependencies across Node, Python, Java, Rust, Go package managers for license compliance, classify licenses, flag issues with counts and statuses in reports, and generate NOTICE files attributing third-party licenses with full texts, copyrights, and project notices.

Interactively configure secure Azure Blob Storage accounts with encryption, lifecycle policies, network rules, and IaC templates, then set up and deploy Azure Functions apps complete with triggers, bindings, auth, monitoring, and CI/CD pipelines.

Generate customized CLAUDE.md configs for Claude AI assistants by auto-detecting Node, Python, Rust, Go, Java, Docker environments and package managers, incorporating git user info, TDD methodologies, memory rules, and local best-practices references with multi-file sync.

Trade Taiwan financial markets (TWSE/TPEX/TAIFEX) programmatically using Shioaji's Python binding, CLI tool, or HTTP API with SSE streaming. Supports orders, real-time quotes, account data, and multi-language HTTP clients in JS/TS, Go, C/C++, C#, Rust, Java/Kotlin.

Set up SAP Business Application Studio (BAS) on SAP BTP: create dev spaces and subscriptions, connect to Git repos and external systems via destinations/Cloud Connector, deploy MTA apps to Cloud Foundry, configure Node.js/Java/Python runtimes, manage tasks/CI-CD, and troubleshoot connectivity.

Develop enterprise integrations on SAP BTP Integration Suite by building iFlows for cloud and on-premise connectivity, managing API proxies, implementing Event Mesh for event-driven architectures, deploying Edge Integration Cells for hybrid setups, configuring B2B/EDI adapters, and processing messages with Groovy or JavaScript.

Build, configure, and troubleshoot GraalVM Native Image applications using native-image CLI, Maven, or Gradle Native Build Tools, including reachability metadata and build/run-time issue diagnosis.

Enforces secure coding and prevents common vulnerabilities by guiding AI agents during development, plus migrates memory-unsafe code to Rust/Go/Java/C#/Swift with rewrite workflows, and performs full security code reviews with prioritized OWASP-based reports.

Orchestrate end-to-end QA automation across Playwright and Selenium — generate, execute, and debug UI, API, and accessibility tests, plan regression suites with ISTQB-aligned artifacts, and heal flaky tests via delegated specialist agents.

Manage Apache Cayenne ORM projects by reverse-engineering database schemas, designing and editing DataMaps, generating entity Java classes, writing Cayenne queries, and bootstrapping runtime configuration – all through MCP tool integrations.

Integrate SAP Cloud SDK for AI into JavaScript/TypeScript and Java applications to access SAP AI Core, Generative AI Hub, and Orchestration Service for LLM workflows including chat completion, embeddings, streaming, function calling, content filtering, data masking, document grounding, and LangChain/Spring AI support with models like GPT-4o, Llama, and Gemini via SAP BTP.

Follow SAP API Style Guide standards to create and review consistent documentation for REST, OData, Java, JavaScript, .NET, and C/C++ APIs, including naming conventions, OpenAPI specifications, comments, quality checklists, and deprecation policies.

Develop business applications on SAP BTP using CAP (Node.js/Java) or ABAP Cloud, deploy to Cloud Foundry or Kyma, integrate SAP HANA Cloud and remote systems, build Fiori UIs, create multitenant SaaS apps, extend S/4HANA, set up CI/CD pipelines, implement observability, and apply SAP best practices.

Helps Qdrant users optimize and manage vector search deployments through tuning performance, diagnosing search quality, scaling clusters, deploying infrastructure, upgrading versions, and using client SDKs.

Automate Java/Spring Boot development workflows: scaffold production-ready Spring Boot 4.x apps with REST APIs, JPA entities, security, tests, Modulith, Thymeleaf, and Docker Compose; add JSpecify for nullability checks in Maven/Gradle projects; review recent code changes for bugs, security, architecture, and best practices.

Connect to MongoDB databases, explore schemas, generate queries and aggregation pipelines from natural language, analyze query performance with index recommendations, implement Atlas Search and Vector Search, and manage stream processing workflows — all from within Claude.

Runs a complete development workflow — from feature specification and architecture design to task breakdown, implementation, code review, debugging, refactoring, and release documentation — with persistent knowledge graph across sessions and enforced commit policies.

Enables AI coding agents to build Stellar blockchain applications in Java: handle transactions, query Horizon, deploy Soroban smart contracts, and convert XDR/SCVal data.

Explore Citrus Framework's component catalog, DSL schemas, and best practices directly from AI coding assistants via the MCP protocol, accelerating Java integration testing and deployment verification workflows.

Implement secure OAuth 2.0 and OpenID Connect authentication flows for web apps, SPAs, and services. Handle Authorization Code with PKCE, Client Credentials grants, and token refresh. Use ready Express.js examples with Flask and Spring Boot references to integrate third-party auth and SSO quickly.

Enforce architectural rules, clean code, DDD, security, and test quality across the software delivery lifecycle using composable AI skills that guide design, code generation, review, and documentation workflows.

Develop SAP Cloud Application Programming Model (CAP) applications with full lifecycle support: model CDS entities and services, implement OData and event handlers in Node.js/Java/TypeScript, deploy to SAP BTP Cloud Foundry or Kyma, and debug with diagnostics and performance tuning.

Configure tsk Docker container images for Rust, Go, Node, Python, or Java projects by detecting the stack, migrating Dockerfiles to tsk.toml layers, running dry-run builds, and interactively troubleshooting setup issues.

Run automated code quality reviews on pre-commit changes and GitHub PRs with language-aware analysis for idiomatic patterns, test coverage, DRY/SOLID principles, error handling, and build verification. Supports Go, Python, Rust, TypeScript, Java, and custom project profiles like HyperShift.

Provides agent skills for comprehensive Neo4j database management: querying, modeling, data ingestion, AI/ML pipelines (GraphRAG, embeddings), graph algorithms, provisioning, security, and performance tuning.

Accelerate Spring Boot development with code generation for REST controllers, DTOs, MapStruct mappers, Spring Security configs, Kafka integration, and entity-to-DTO mapping. Includes structured implementation planning and Connekt-based API testing.

Search and read source code of Kotlin/Gradle dependencies to inspect API shapes and implementations without accessing .gradle files directly

Index codebases with Tree-sitter to enable precise navigation across Rust, Python, TypeScript, JavaScript, Go, and Java files: search symbols, trace cross-file callers, read function implementations, discover tests, and grep with scope awareness using integrated skills and CLI commands.

Query public APIs of any JVM dependency (Scala 3, Scala 2, Java) from the terminal — view type signatures, members, documentation, and source as Markdown without unpacking JARs. Enables rapid exploration of unfamiliar libraries and dependency API checks without a full project import.

Provision phone numbers, send SMS/MMS/RCS, control voice calls/conferences, build/deploy AI voice assistants, manage WebRTC clients/pushes, handle 10DLC compliance/porting, and configure SIP/IoT via multi-language Telnyx SDK code examples, curl, CLI.

Automate end-to-end Testany testing workflows: decompose scenarios into cases with Python/Java/Playwright/Gradle/Maven scripts and ZIP packages, register and manage cases/pipelines, configure Jenkins/GitHub Actions triggers and schedules, monitor executions, debug failures via log analysis, and organize workspaces/teams with permissions.

Provides 14+ agents, 56+ skills, and 33+ commands for Claude Code to enforce TDD, run security scans, review code, manage multi-agent workflows, and continuously learn from sessions across languages like Go, Rust, Java, Kotlin, Python, TypeScript, and C++.

Rapidly explore unfamiliar Scala 2/3 and Java codebases from the CLI by searching symbols, finding definitions, implementations, usages, imports, members, and scaladoc, plus viewing call graphs as ASCII art for quick project navigation and test lookups.

Structure software projects into context-driven tracks: scaffold setups, generate specs and plans from project docs, implement tasks via AI agents with git snapshots, review code for quality/security/test coverage, track progress, manage skills/snippets/patterns, and revert via git history.

Build, test, and maintain custom language SDKs generated from OpenAPI specs using the oagen framework — scafffold emitters and extractors, run compatibility checks, automate smoke tests, and fix regressions in a generate-verify loop.

Generates Vaadin views, forms, and grids with jOOQ data access queries, Flyway database migrations, Karibu server-side tests, and Playwright E2E tests for Java web applications, while connecting to remote MCP servers for Vaadin, jOOQ, KaribuTesting, and Javadocs.dev assistance.

Write and debug Java code with expert-level guidance on streams, concurrency, and generics, plus LSP-powered code intelligence including diagnostics, navigation, and references for .java files.

Enforce Java code quality and style standards using Checkstyle, with support for XML configuration, custom checks, and built-in rule enforcement for naming conventions and code metrics.

Enforce formal backpressure in AI coding by generating compile-time guard types from Shen sequent-calculus specifications, then running a verification loop that catches invariant violations during build and tests handwritten implementations against formal specs.

Enforce in-source AI context annotations across Python, TypeScript, Go, Rust, and Java codebases — auto-annotate files, validate compliance, and trace caller dependency chains up to 3 levels deep.

Generate Mermaid and PlantUML diagrams from natural language descriptions or source code analysis in TypeScript, Python, Java, C#, Prisma, and Django to visualize classes, ER models, sequences, dependencies, architectures, workflows, and data flows directly in Markdown for docs or repos.

Write and maintain Cucumber BDD tests with Gherkin syntax, using best practices for declarative scenarios, independent tests, and step definitions in JavaScript, TypeScript, Java, or Ruby.

Validate and enforce quality for Apache Maven projects — manage build lifecycles, resolve dependencies with scope and conflict control, and configure plugins and profiles in pom.xml files for Java builds.

Embed structured annotations, categorized TODOs, and bidirectional documentation links into codebases using AI-optimized patterns like @ai- markers, @doc/@impl tags, and AI-DEV-NOTE comments, preserving context, decisions, and issues for seamless AI-assisted development workflows.